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DETAILED ACTION 

1 . The amendment of 22 August 2005 has been noted and made of record. 

2. Claims 29-57 have been presented for examination. 

Response to Arguments 

3. Applicant's arguments filed 22 August 2005, with respect to claims 36-51, have been 
fully considered but they are not persuasive. 

4. In response to the applicant's argument that the cited reference fails to disclose isolating 
unauthorized objects from the computer system, the Examiner disagrees. As discussed on page 
10 of the amendment filed on 22 August 2005, the Applicant recites the section cited by the 
Examiner, which in summation includes detecting unauthorized, potentially malicious, changes 
to a file. One of ordinary skill in the art clearly recognizes that one would isolate unauthorized 
data from data that has been authorized and secured since it has been well known in the art since 
at least September 1998, as illustrated by U.S. Patent No. 5,802,275 to Blonder, hereinafter 
Blonder. As discussed in Blonder, one would be motivated to isolate objects that have been 
altered to prevent the dissemination of viruses amongst the remaining system objects. 

5. If Applicant challenges a factual assertion as not properly based upon common 
knowledge, the Examiner must support the adequate evidence. Upon the next action, the 
Examiner must provide documentary evidence in the next Office action if the rejection is to be 
maintained. See37CFR 1.104(c)(2). See also In re Zurko, 258F.3dat 1386, 59 USPQ2d at 
1697. If the Examiner adds a reference in the next Office action after applicant's rebuttal, and 
the newly cited reference is added only as directly corresponding evidence to support the prior 
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common knowledge finding, and it does not result in a new issue or constitute a new grounds of 
rejection, the Office Action may be made final. 

6. Applicant's arguments with respect to claims 29-34 and 52-57 have been considered but 
are moot in view of the new ground(s) of rejection. 

7. See further rejections that follow. 

Claim Rejections - 35 USC §112 

8. The following is a quotation of the first paragraph of 35 U.S.C. 1 12: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of ***ying out his invention. 

9. Claims 29-35, and 52-57 are rejected under 35 U.S.C. 1 12, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to reasonably convey to one skilled in the 
relevant art that the inventor(s), at the time the application was filed, had possession of the 
claimed invention. An amendment to the claims or addition of a new claim must be supported by 
the description of the invention in the application as filed. See MPEP § 2163.03, see also In re 
Wright, 866 F.2d 422, 9 USPQ2d 1649 (Fed. Cir. 1989). The limitations at issue are specifically: 

inserting a first identifier into a steganographic zone of the object wherein the first 
identifier and the stenographic zone of the object are formed by the computer system and the first 
identifier prevents the execution of the executable object ; and 

comparing the first identifier in the steganographic zone to a second identifier each time 
the object is selected for execution, wherein an executable version of the object is created if the 
first identifier matches the second identifier. 



Application/Control Number: 09/68 1 ,804 Page 4 

Art Unit: 2131 

The description of the invention merely states that the identifiers are compared and if the 
identifiers match, the object is executed. There is no disclosure of the identifiers preventing 
execution of the object, merely that the object is treated as a "non-self object" and the 
"administrator is notified" (page 13). There is also no disclosure of creating a separate 
executable version of the object the description merely states that the object is authenticated for 
execution if the identifiers match (page 13). 

10. Therefore, the amendments to the claims lack a written description in the specification. 

Claim Rejections 

11. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

12. Claims 29, 31, 32, 52, and 54 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent 6,612,044 to Raab et al., hereinafter Raab in view of U.S. Patent Application 
Publication No. 2001/0037450 to Metlitski et al., hereinafter Metlitski. 

13. As per claims 29 and 52, Raab discloses a method for authorizing execution of an object 
on a computer system comprising: 

(a) selecting an executable object on the computer system (column 11, lines 52-65, i.e. 
executable programs); 

(b) inserting a first identifier into a steganographic zone of the object, wherein the first 
identifier and the stenographic zone of the object are formed by the computer system and the first 
identifier prevents execution of the executable object (column 1 1, line 52 to column 12, line 7, 
i.e. insert an executable program site identifier which prevents the program from being executed 
at multiple sites); and 
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(c) comparing the first identifier in the steganographic zone to a second identifier each 
time the object is selected for execution (column 1 1, line 52 to column 12, line 7, i.e. compare 
the identifiers). 

14. Raab does not teach wherein an executable version of the object is created if the first 
identifier matches the second identifier. 

15. Metlitski discloses wherein an executable version of the object is created to be executed 
(paragraph [0204]). 

16. Both Raab and Metlitski are related in the field of process protection. 

17. Paragraphs [0203]-[0208] disclose techniques for how to create a copy of an object for 
execution. 

18. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to create an executable version of the object, since Metlitski states at paragraph [0002] 
that such a modification provide security and authentication of an executable program in an open 
architecture computer system. 

19. Regarding claims 3 1, 38, and 46, Raab discloses wherein the second identifier is stored 
on the system (column 11, line 52 to column 12, line 7, i.e. second identifier stored on coordinate 
measurement system). 

20. Regarding claims 32, 39, 47, and 54, Raab discloses wherein the second identifier is 
stored on an external data storage structure (column 1 1, line 52 to column 12, line 7, i.e. second 
identifier stored on coordinate measurement system). 
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21. Claims 30, 33-35, 52 -54, 56, and 57 rejected under 35 U.S.C. 103(a) as being 
unpatentable over Raab in view of Metlitski as applied above, and further in view of U.S. Patent 
No. 6,788,800 to Carr et al., hereinafter Carr. 

22. Regarding claims 30, 37, 45, and 53, Raab and Metlitski do not disclose wherein the 
identifiers comprise a sequence of fields for creating a unique copy of the object and an 
ownership token between the object and the system. 

23. Carr teaches wherein the identifiers comprise a sequence of fields for creating a unique 
copy of the object and an ownership token between the object and the system (column 2, lines 
45-65, column 6, lines 28-46). 

24. It would have been obvious to ordinary skill in the art at the time the invention was made 
to have the identifiers comprise a sequence of fields for creating a unique copy of the object and 
an ownership token between the object and the system, since Carr states at column 1, lines 11-15 
that such a modification would aid in authenticating data using the embedded security data. 

25. Regarding claims 33, 41, and 49, Raab and Metlitski do not disclose wherein the first 
identifier is extracted from the steganographic zone of the object. 

26. Carr teaches wherein the first identifier is extracted from the steganographic zone of the 
object (column 4, lines 47-59). 
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27. It would have been obvious to ordinary skill in the art at the time the invention was made 
to have wherein the first identifier is extracted from the steganographic zone of the object, since 
Carr states at column 1, lines 11-15 that such a modification would aid in authenticating data 
using the embedded security data. 

28. With regards to claims 34, 42, 50, and 56, Raab and Metlitski do not disclose wherein the 
external data storage device comprises data for extracting the first identifier. 

29. Carr teaches wherein the external data storage device comprises data for extracting the 
first identifier (column 4, lines 37-59). 

30. It would have been obvious to ordinary skill in the art at the time the invention was made 
to extract the first identifier, since Carr states at column 1, lines 11-15 that such a modification 
would aid in authenticating data using the embedded security data. 

3 1 . Regarding claims 35, 43, 5 1, and 57, Raab and Metlitski do not disclose wherein the 
system identifier is encrypted. 

32. Carr discloses wherein the system identifier is encrypted (column 2, lines 56-65). 

It would have been obvious to ordinary skill in the art at the time the invention was made to 
encrypt the identifier, since Carr states at column 1, lines 11-15 that such a modification would 
aid in authenticating data using the embedded security data. 

33. Claims 36-51 are rejected under 35 U.S.C. 103(a) as being unpatentable over Carr in 
view of U.S. Patent No. 5,919,257 to Trostle, hereinafter Trostle. 
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34. As per claims 36 and 44, Carr discloses a method for identifying unauthorized objects on 
a computer system comprising: 

(a) authorizing objects of the computer system by embedding a system identifier into the 
authorized objects (column 2, line 45 to column 4, line 28); 

(b) determining the presence of the system identifier in objects of the computer, wherein 
objects that are not embedded with the system identifier are unauthorized (column 4, line 30 to 
column 5, line 46). 

35. Carr does not teach isolating unauthorized objects from the computer system. 

36. Trostle discloses isolating unauthorized objects from the computer system (column 7, 
lines 28-42). 

37. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to isolate the unauthorized objects from the computer system, since Trostle states at 
column 7, liens 28-42 that such a modification would isolate objects that have unauthorized 
changes, which may be potentially malicious code. 

38. Regarding claims 40, 48, and 55, Carr discloses wherein the system identifier is 
embedded in a steganographic zone of the object (column 1, lines 38-49, i.e. "steganographically 
embeds security data into the data"). 

Conclusion 

39. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 
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40. The following patents are cited to further show the state of the art with respect to 
comparing identifiers for authorization, such as: 

United States Patent No. 6,807,632 to Carpentier et al., which is cited to show comparing 
identifiers for authorization of files. 

United States Patent No. 6,134,597 to Rieth et al., which is cited to show CRC hash 
compressed server object identifiers. 

United States Patent No. 5,978,791 to Farber et al., which is cited to show a data 
processing system using substantially unique identifiers to identify data items. 

United States Patent No. 6,345,360 to Kamada et al., which is cited to show managing 
files with alteration preventing/detecting functions. 

United States Patent No. 5,050,212 to Dyson, which is cited to show verifying the 
integrity of a file stored separately from a computer. 

41. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

42. A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 
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43. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christian La Forgia whose telephone number is (571) 272-3792. 
The examiner can normally be reached on Monday thru Thursday 7-5. 

44. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

45. Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Christian LaForgia 
Patent Examiner 
Art Unit 2131 
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